Re: Uniquely Identifying USB filesystem possible?

[Harry Hirte]

On Tuesday, January 16, 2024 at 08:15:58 PM GMT+1, Andrei Borzenkov 
<arvidjaar@gmail.com> wrote: 

...

>This is LUKS1
actually that does not matter. Grub2 was previously only working with LUKS1 and 
has been extended to work with LUKS2
I have for years used grub to open a LUKS-1 device (boot) to load initrd and 
then moved on to open the LUKS-2 root filesystem.
Standard grub now works with LUKS-2 only for pbkdf2; I use a patched version 
that also supports argon2i.
But this is irrelevant. Grub still supports LUKS version 1 - just not on USB 
drives, it seems
 
...

>Those bits of information you provided in your previous mail only 
>mention luks2 module and your device is LUKS1, so it is expected that it 
>will not be detected.

>But that does not matter, because if you use part of the physical device 
>as the key, then cryptomount'ing it will not help you to get this key.

correct - I did that only to find out if grub would find the UUID if I pretend 
it to be a LUKS-device for booting.
It turns out that not even that works.

...

>GRUB UUID search is implemented for filesystems only. So I do not 
>understand why you are trying to jump through the hoops. Just create 
>normal filesystem (that can be detected using search.fs_uuid) and place 
>your keyfile there.

I guess that would be my next attempt - for obvious reasons it is inconvenient 
to hide the key in a filesystem, though. 
Much easier and undetectable to use some place in the data section of a 
LUKS-volume, which is random data anyway.

Thanks for you input!